IronSights

Microsoft Purview · Data Governance

Microsoft Purview. Know your data. Protect it.

IronSights are certified Microsoft Purview specialists. We design the sensitivity label taxonomy, deploy DLP policies, and manage the platform so your data is protected wherever it lives.

Most organisations have no visibility over what sensitive data they hold, where it lives, or who can access it. Purview changes that — and we configure it properly from day one.

Microsoft Purview specialists
Privacy Act & NDB aligned
Sensitive data discovery

Four pillars

Classify. Protect. Detect. Respond.

Purview works across every Microsoft 365 workload — email, Teams, SharePoint, OneDrive, and endpoints. We design the policies and manage the platform.

Every pillar configured to Privacy Act obligations and measured against your compliance posture on an ongoing basis.

Information Protection

Sensitivity label taxonomy designed and deployed. Auto-labelling for known data types. Encryption and access restrictions applied persistently.

Data Loss Prevention

Stop sensitive data leaving your organisation via email, Teams, SharePoint, OneDrive, and endpoint devices. Australian data types included.

Insider Risk Management

Detect and investigate data exfiltration by departing employees and contractors. Privacy-preserving investigation workflow built in.

Audit & eDiscovery

Retain, search, and export data for legal hold, regulatory investigation, and compliance review. Audit log retention configured to standard.

What's included

Everything needed to govern your data.

Eight workstreams covering classification, protection, exfiltration prevention, and insider risk — configured for Australian regulatory obligations.

Sensitivity label taxonomy

We design the label hierarchy for your organisation and deploy auto-labelling policies for known data types.

Label encryption

Persistent encryption and access restrictions applied to labelled files, regardless of where they're sent.

Email DLP policies

Block and notify actions for outbound emails containing TFNs, Medicare numbers, passport numbers, and other sensitive types.

Endpoint DLP

Prevent sensitive data being copied to USB or uploaded to personal cloud storage from managed devices.

Teams & SharePoint DLP

DLP policies extended across Teams chats and SharePoint libraries, not just email.

Insider risk policies

Sequence detection for download + upload + delete patterns. Integration with HR system triggers for departing employees.

Compliance manager

Compliance assessments mapped against Privacy Act, NDB scheme, and ISO 27001 obligations.

Australian data types

TFN, Medicare, passport, driver licence, and health identifier detection included in all DLP policy templates.

Built for Australian compliance

Australia's Privacy Act and the Notifiable Data Breaches scheme place specific obligations on how personal information is handled. We configure Purview with Australian-specific sensitive information types and align DLP policies to your Privacy Act obligations.

  • Tax File Number (TFN) detection and DLP
  • Medicare and health identifier protection
  • NDB scheme breach investigation support
  • Privacy Act APP compliance mapping
  • Cross-border data transfer controls

What a Purview assessment finds

Before deploying any policies, we scan your M365 environment to show you what sensitive data already exists and who can access it. The findings drive the label taxonomy and policy design.

  • Unlabelled sensitive documents
  • Overshared SharePoint libraries
  • Sensitive data in Teams chat history
  • External sharing with anonymous links
  • Departing employee data activity
  • Broad mailbox permissions

What you gain

Data protected, obligations met.

Four concrete outcomes from every Purview engagement, measured against your compliance posture and reported from day one.

Data visibility

Know exactly what sensitive data you hold, where it lives, and who can access it, before a breach occurs or a regulator asks.

Exfiltration prevented

DLP policies block sensitive data leaving the organisation via email, Teams, USB, or cloud upload. The most common insider threat vector is closed.

Compliance demonstrated

Privacy Act and NDB scheme obligations addressed with documented evidence. Suitable for regulatory reporting, client questionnaires, and audit.

Insider risk managed

Departing employees and at-risk users monitored with a privacy-preserving workflow. Investigations documented and evidence preserved.

Common questions

Purview questions answered.

Not sure where to start, or whether Purview covers your specific compliance requirements? Contact us and we'll walk you through it.

  1. What's the difference between Purview and Defender?

    Defender protects against external threats — malware, phishing, account compromise. Purview protects your data from the inside — classifying it, preventing it from leaving, and detecting internal misuse. Both are part of the Microsoft security stack and we configure them together for Fortify clients.

  2. Do we need a separate Purview licence?

    Some Purview capabilities are included in Microsoft 365 Business Premium and E3 licences. Advanced features (insider risk management, advanced eDiscovery, and some DLP capabilities) require Microsoft 365 E5 or standalone Purview add-on licences. We review your current licensing at the assessment stage.

  3. How do sensitivity labels work for non-technical staff?

    We design the label taxonomy to be as simple as possible. Typically three to five labels: Public, Internal, Confidential, and Highly Confidential. Auto-labelling handles most classification without user action. Where manual labelling is required, we configure clear prompts that make the right choice the easy choice.

  4. Can Purview cover data outside Microsoft 365?

    Purview's primary scope is Microsoft 365 workloads. For data in on-premises file servers or third-party SaaS applications, we assess what's feasible at the scoping stage and recommend a practical approach — which may include Microsoft Defender for Cloud Apps for third-party app governance.

  5. How does Purview support the Notifiable Data Breaches scheme?

    Under Australia's NDB scheme, you must assess and report eligible breaches to the OAIC within 30 days. Purview's audit logs, eDiscovery, and data activity monitoring provide the evidence trail for breach investigation. We configure these capabilities with NDB obligations in mind.

Start with a data assessment

Find out what sensitive data you're sitting on.

We scan your M365 environment and show you exactly what sensitive data exists, where it lives, and who can access it. Before we configure any protection.